Former DEF CON CTF organizer. Associate Professor @ASU. Web, system, and network security. Loves CTFs. Hacks w/ @shellphish. Hosts @ctfradiooo. Open DMs.
Feb 17, 2022 • 34 tweets • 7 min read
Very happy to finally release the game code that @oooverflow used to run @defcon Finals CTF 🎉
This was roughly the 3rd attack-defense CTF game infrastructure that I've written, so there's a lot of design principles and lessons learned that I'll share here in this 🧵 ...
github.com/o-o-overflow/d… 1/33
Apr 21, 2021 • 35 tweets • 5 min read
There's a lot of discussion now of human subjects in Computer Science / security research, the role of the IRB, and ethics
I thought I'd give my 2🪙
/thread 1/34
My background: In 2017 we ran an experiment to measure the effectiveness of telephone scams, sending out 3k phone scams to unsuspecting users (at our university)
As I was filling out my review preferences for @USENIXSecurity , I realized that PhD students don’t have an idea of how this works.
So let me explain
/thread
I’ve had arguments in the past with coauthors and collaborators about the value of a paper’s title, abstract, or even those “categories” you select when submitting the paper.